summaryrefslogtreecommitdiff
path: root/pjmedia
diff options
context:
space:
mode:
authorNanang Izzuddin <nanang@teluu.com>2009-05-30 10:17:55 +0000
committerNanang Izzuddin <nanang@teluu.com>2009-05-30 10:17:55 +0000
commit7e7590add84c6f8ab76e3d67106ec0b7d21149e8 (patch)
tree2be7a4135c720ad2ba712661e9e6ee8b775f4d8c /pjmedia
parentc3e6bef59b428d3e4fb9f8e03bdd6e055efd825e (diff)
Ticket #862: Updated validations of SRTP crypto attribute.
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2726 74dad513-b988-da41-8d7b-12977e46ad98
Diffstat (limited to 'pjmedia')
-rw-r--r--pjmedia/src/pjmedia/transport_srtp.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/pjmedia/src/pjmedia/transport_srtp.c b/pjmedia/src/pjmedia/transport_srtp.c
index cd9fb734..1a270245 100644
--- a/pjmedia/src/pjmedia/transport_srtp.c
+++ b/pjmedia/src/pjmedia/transport_srtp.c
@@ -22,6 +22,7 @@
#include <pjmedia/endpoint.h>
#include <pjlib-util/base64.h>
#include <pj/assert.h>
+#include <pj/ctype.h>
#include <pj/lock.h>
#include <pj/log.h>
#include <pj/os.h>
@@ -980,6 +981,7 @@ static pj_status_t parse_attr_crypto(pj_pool_t *pool,
{
pj_str_t input;
char *token;
+ int token_len;
pj_str_t tmp;
pj_status_t status;
int itmp;
@@ -993,10 +995,20 @@ static pj_status_t parse_attr_crypto(pj_pool_t *pool,
PJ_LOG(4,(THIS_FILE, "Attribute crypto expecting tag"));
return PJMEDIA_SDP_EINATTR;
}
- *tag = atoi(token);
- if (*tag == 0)
+ token_len = pj_ansi_strlen(token);
+
+ /* Tag must not use leading zeroes. */
+ if (token_len > 1 && *token == '0')
return PJMEDIA_SDP_EINATTR;
+ /* Tag must be decimal, i.e: contains only digit '0'-'9'. */
+ for (itmp = 0; itmp < token_len; ++itmp)
+ if (!pj_isdigit(token[itmp]))
+ return PJMEDIA_SDP_EINATTR;
+
+ /* Get tag value. */
+ *tag = atoi(token);
+
/* Crypto-suite */
token = strtok(NULL, " ");
if (!token) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-26 18:57:50 +0000